26 Mar
2014
26 Mar
'14
9:17 p.m.
Am 26.03.2014 21:31, schrieb Leonid Isaev:
On Wed, 26 Mar 2014 21:00:15 +0100 Thomas Bächler <thomas@archlinux.org> wrote:
Am 26.03.2014 20:18, schrieb Leonid Isaev:
However, I don't think that Yama requires any userspace components, does it? Currently, I boot with "security=yama" and completely disabled non-admin ptrace (kernel.yama.ptrace_scope=2). Perhaps -ARCH kernels should keep Yama available albeit disabled by default (as they now do).
Once yama is built-in, the ptrace_scope protection is enabled by default. There is no option to change that.
But by default, kernel.yama.ptrace_scope = 0
No. The default is 1.